package org.owasp.dependencycheck.analyzer;

import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.compress.archivers.ArchiveStreamFactory;
import org.apache.commons.compress.archivers.zip.ZipArchiveEntry;
import org.apache.commons.compress.archivers.zip.ZipArchiveInputStream;
import org.h2.store.fs.FileUtils;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.dependency.Dependency;
import org.owasp.dependencycheck.utils.Settings;

/* loaded from: input_file:WEB-INF/lib/dependency-check-core-1.0.2.jar:org/owasp/dependencycheck/analyzer/ArchiveAnalyzer.class */
public class ArchiveAnalyzer extends AbstractAnalyzer implements Analyzer {
    private static final int BUFFER_SIZE = 4096;
    private File tempFileLocation = null;
    private int scanDepth = 0;
    private static final String ANALYZER_NAME = "Archive Analyzer";
    private static int dirCount = 0;
    private static final int MAX_SCAN_DEPTH = Settings.getInt("archive.scan.depth", 3);
    private static final AnalysisPhase ANALYSIS_PHASE = AnalysisPhase.INITIAL;
    private static final Set<String> EXTENSIONS = newHashSet(ArchiveStreamFactory.ZIP, "ear", "war");

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public Set<String> getSupportedExtensions() {
        return EXTENSIONS;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public String getName() {
        return ANALYZER_NAME;
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public boolean supportsExtension(String str) {
        return EXTENSIONS.contains(str);
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public AnalysisPhase getAnalysisPhase() {
        return ANALYSIS_PHASE;
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer, org.owasp.dependencycheck.analyzer.Analyzer
    public void initialize() throws Exception {
        File tempDirectory = Settings.getTempDirectory();
        if (!tempDirectory.exists()) {
            tempDirectory.mkdirs();
        }
        this.tempFileLocation = File.createTempFile("check", "tmp", tempDirectory);
        if (!this.tempFileLocation.delete()) {
            throw new AnalysisException("Unable to delete temporary file '" + this.tempFileLocation.getAbsolutePath() + "'.");
        }
        if (!this.tempFileLocation.mkdirs()) {
            throw new AnalysisException("Unable to create directory '" + this.tempFileLocation.getAbsolutePath() + "'.");
        }
    }

    @Override // org.owasp.dependencycheck.analyzer.AbstractAnalyzer, org.owasp.dependencycheck.analyzer.Analyzer
    public void close() throws Exception {
        if (this.tempFileLocation == null || !this.tempFileLocation.exists()) {
            return;
        }
        FileUtils.deleteRecursive(this.tempFileLocation.getAbsolutePath(), true);
    }

    @Override // org.owasp.dependencycheck.analyzer.Analyzer
    public void analyze(Dependency dependency, Engine engine) throws AnalysisException {
        File file = new File(dependency.getActualFilePath());
        File nextTempDirectory = getNextTempDirectory();
        extractFiles(file, nextTempDirectory, engine);
        ArrayList arrayList = new ArrayList(engine.getDependencies());
        engine.scan(nextTempDirectory);
        List<Dependency> dependencies = engine.getDependencies();
        if (arrayList.size() != dependencies.size()) {
            HashSet<Dependency> hashSet = new HashSet();
            hashSet.addAll(dependencies);
            hashSet.removeAll(arrayList);
            for (Dependency dependency2 : hashSet) {
                String format = String.format("%s%s", dependency.getFilePath(), dependency2.getActualFilePath().substring(nextTempDirectory.getAbsolutePath().length()));
                String format2 = String.format("%s%s%s", dependency.getFileName(), File.separator, dependency2.getFileName());
                dependency2.setFilePath(format);
                dependency2.setFileName(format2);
                if (supportsExtension(dependency2.getFileExtension()) && this.scanDepth < MAX_SCAN_DEPTH) {
                    this.scanDepth++;
                    analyze(dependency2, engine);
                    this.scanDepth--;
                }
            }
        }
        Collections.sort(engine.getDependencies());
    }

    private File getNextTempDirectory() throws AnalysisException {
        dirCount++;
        File file = new File(this.tempFileLocation, String.valueOf(dirCount));
        if (file.mkdirs()) {
            return file;
        }
        throw new AnalysisException("Unable to create temp directory '" + file.getAbsolutePath() + "'.");
    }

    private void extractFiles(File file, File file2, Engine engine) throws AnalysisException {
        if (file == null || file2 == null) {
            return;
        }
        try {
            ZipArchiveInputStream zipArchiveInputStream = new ZipArchiveInputStream(new BufferedInputStream(new FileInputStream(file)));
            while (true) {
                try {
                    try {
                        ZipArchiveEntry nextZipEntry = zipArchiveInputStream.getNextZipEntry();
                        if (nextZipEntry == null) {
                            try {
                                return;
                            } catch (IOException e) {
                                return;
                            }
                        }
                        if (nextZipEntry.isDirectory()) {
                            File file3 = new File(file2, nextZipEntry.getName());
                            if (!file3.mkdirs()) {
                                throw new AnalysisException("Unable to create '" + file3.getAbsolutePath() + "'.");
                            }
                        } else {
                            File file4 = new File(file2, nextZipEntry.getName());
                            if (engine.supportsExtension(org.owasp.dependencycheck.utils.FileUtils.getFileExtension(file4.getName()))) {
                                BufferedOutputStream bufferedOutputStream = null;
                                try {
                                    try {
                                        BufferedOutputStream bufferedOutputStream2 = new BufferedOutputStream(new FileOutputStream(file4), 4096);
                                        byte[] bArr = new byte[4096];
                                        while (true) {
                                            int read = zipArchiveInputStream.read(bArr, 0, 4096);
                                            if (read == -1) {
                                                break;
                                            } else {
                                                bufferedOutputStream2.write(bArr, 0, read);
                                            }
                                        }
                                        bufferedOutputStream2.flush();
                                        if (bufferedOutputStream2 != null) {
                                            try {
                                                bufferedOutputStream2.close();
                                            } catch (IOException e2) {
                                                Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.FINEST, (String) null, (Throwable) e2);
                                            }
                                        }
                                    } catch (Throwable th) {
                                        if (0 != 0) {
                                            try {
                                                bufferedOutputStream.close();
                                            } catch (IOException e3) {
                                                Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.FINEST, (String) null, (Throwable) e3);
                                            }
                                        }
                                        throw th;
                                    }
                                } catch (FileNotFoundException e4) {
                                    Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.FINE, (String) null, (Throwable) e4);
                                    throw new AnalysisException("Unable to find file '" + file4.getName() + "'.", e4);
                                } catch (IOException e5) {
                                    Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.FINE, (String) null, (Throwable) e5);
                                    throw new AnalysisException("IO Exception while parsing file '" + file4.getName() + "'.", e5);
                                }
                            }
                        }
                    } catch (IOException e6) {
                        String format = String.format("Exception reading archive '%s'.", file.getName());
                        Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.WARNING, format);
                        Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.FINE, (String) null, (Throwable) e6);
                        throw new AnalysisException(format, e6);
                    } catch (Throwable th2) {
                        String format2 = String.format("Exception reading archive '%s'.", file.getName());
                        Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.WARNING, format2);
                        Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.WARNING, (String) null, th2);
                        throw new AnalysisException(format2, th2);
                    }
                } finally {
                    try {
                        zipArchiveInputStream.close();
                    } catch (IOException e7) {
                        Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.FINEST, (String) null, (Throwable) e7);
                    }
                }
            }
        } catch (FileNotFoundException e8) {
            Logger.getLogger(ArchiveAnalyzer.class.getName()).log(Level.INFO, (String) null, (Throwable) e8);
            throw new AnalysisException("Archive file was not found.", e8);
        }
    }
}
